2

... I'm new to C programming on Ubuntu, so please bear with me if i'm being too much of a noob.

I have a C file that when compiled, is allocated to a particular user (testUser) and is run as they log in as their shell. The user doesn't have sudo rights to the system in question. Basically this shell permits the user to update a file (/var/wwww/testfile) upon login and then reboots the system. Of course, it's the reboot which is giving me some issues, as they don't have superuser rights.

//file: testShell.c
#include <unistd.h>
//#include <linux/reboot.h>

int main(void)
{
  execl("/usr/bin/nano", "nano", "/var/www/testfile", NULL);
  execl("/usr/bin/shutdown", "shutdown", "-h 0", NULL);
  //reboot(LINUX_REBOOT_CMD_RESTART);
  return 0;
}
  1. The file compiles just fine to testShell
  2. I chown root:root testShell
  3. Grant SetUID using chmod u+s testShell
  4. Copy the file cp testShell /bin
  5. Update the users account to use the shell chsh -s /bin/testShell testUser

I've read the man pages on shutdown and tried within the program itself using reboot (you can see in this particular version of the file, I've commented out the header file and call) but I still can't get this user to be able to reboot the system (Ubuntu 12.04 presently). I've even tried the "init 6" system call that was posted here, but all to no avail. I've also read that using the system() call isn't a particularly good idea: I've tried it none-the-less and still no joy.

It was my understanding that if I allocate the permissions correctly and then SetUID the file, anyone running that file would implicitly be running it under the owners rights, root in this case. In fact, the /var/www/testfile that the testUser is updating, is owned by root, so something's working correctly.

Any ideas where I'm going wrong?

Community
  • 1
  • 1
bnoeafk
  • 489
  • 4
  • 16
  • (I also realize that the shutdown command isn't going to reboot the system, simply shut it down. At this point in time, I'm just trying to get something to work and then move forward from that point) – bnoeafk Sep 04 '14 at 15:34
  • I don't think it should be possible to be done that way, invoking sensible command by someone without sudo rights. That file is owned by root makes no difference. – Ashalynd Sep 04 '14 at 15:38
  • So @Ashalynd, are you saying that what I'm trying to achieve is impossible? I thought having "elevated" permissions is why chmod u+s exists? – bnoeafk Sep 04 '14 at 15:53
  • I suspect that (because otherwise it looks like a security breach). – Ashalynd Sep 04 '14 at 16:03
  • To be safe, just use sudo instead of writing your own wrapper. Someone could switch which file they're editing in nano to /etc/passwd and root the box. There's heaps of environment variable tricks as well. sudo was written for this exact purpose. You can give fine-grained sudo access to whatever script you want them to be able to run without giving them root access. Do not propagate this anti-pattern! – synthesizerpatel Sep 04 '14 at 18:40
  • @synthesizerpatel - you're referring to adding the reboot command within visudo and then just having some bash script run the nano and reboot command? (and having that script be set up as the shell for the users login?) I would still need to have them run nano though in order to update the file – bnoeafk Sep 04 '14 at 20:09
  • and using nano -R would restrict nano from opening up any other file and/or saving the edited file as anything other than "testfile" – bnoeafk Sep 04 '14 at 20:39

1 Answers1

3

It is really simple : you use directly execl to start nano and ... never return from it if it correctly works !

You should use a fork - exec- wait.

You will find a complete example on this other post from SO https://stackoverflow.com/a/19099707/3545273

Community
  • 1
  • 1
Serge Ballesta
  • 143,923
  • 11
  • 122
  • 252
  • I've just realized this! (I did say I was a newbie) When I put the reboot in before everything else, then I can reboot no problems at all... – bnoeafk Sep 04 '14 at 20:08
  • `system` call has bad reputation because if is highly sensible to change in environment variables. But I've just added a reference to an example using `fork-exec-wait` – Serge Ballesta Sep 04 '14 at 20:46